Hi Jimmy, You are very welcome, the local fuzzy learning helps me a lot on the server I operate, helping identifying daily recurrent spams with tiny changes, or phish/spam campaigns targeting many users.
Please let me know how the installer did, I tried to cover several install cases but it's never really 100% bullet proof :) And one thing maybe I didn't document enough, the learning part on the current version is done by configuring IMAP SIEVE scripts on Dovecot (the installer tries to do it automatically) or on any IMAP server supporting IMAP SIEVE scripts, but there is no other integration than Dovecot developed as of today on the installer. Best, Simon Le jeu. 15 janv. 2026 à 13:18, Jimmy <[email protected]> a écrit : > > Hi Simon, > > Thanks for sharing this project. I am very interested in the approach, > particularly the local fuzzy-hashing layer. > > I plan to implement this in my system to see how it performs alongside my > current setup. I will report back with feedback once I have some data. > > Best regards, > Jimmy > > > On Thu, Jan 15, 2026 at 7:04 PM Simon Bressier <[email protected]> wrote: >> >> Hi everyone, >> >> Following a brief exchange with Giovanni Bechis, I’m reaching out to >> this list to present an open-source project I’ve been developing: >> Mailuminati Guardian. >> >> By way of background, I’ve been working in the anti-spam and >> anti-fraud ecosystem for about 15 years, currently for the French >> public mailbox provider laposte.net. >> >> What is Mailuminati Guardian? >> >> Guardian is a high-performance enforcement service designed to run >> alongside your existing MTA and SpamAssassin setup. It is not meant to >> replace SpamAssassin, but to complement it by providing a fast, local >> fuzzy-hashing layer. >> >> It relies on TLSH (Trend Micro Locality Sensitive Hash) and LSH techniques >> to: >> >> 1. Generate structural fingerprints of incoming emails. >> >> 2. Apply immediate local learning: When you or your users report a >> threat, Guardian learns the structural "distance" and blocks similar >> variants instantly without waiting for global rules. >> >> 3. Collaborate via the Oracle: It queries a shared global database >> only when local proximity is detected, benefiting from >> community-driven intelligence while preserving privacy (no raw content >> is ever shared). >> >> Why I’m posting here >> >> I have developed an integration for SpamAssassin (and Rspamd/Dovecot) >> and I am looking for experienced postmasters and developers from this >> community to: >> >> • Beta test the integration: Validate the installer and the plugin’s >> behavior in different environments. >> >> • Provide feedback: On the logic, the scoring, and the overall performance. >> >> • Discuss Perl implementation: Giovanni mentioned that a native TLSH >> Perl implementation for SA could be an interesting path forward, and >> I’d love to hear the community’s thoughts on this. >> >> The goal is to make our filtering stacks more resilient and benefit >> from a shared experience, because as we all know, the more "email >> geeks" we are, the more effective our defense becomes. >> >> Project Link: https://github.com/Mailuminati/Guardian >> >> If you have a bit of time to look at the code or test the >> installation, your feedback would be invaluable. And if you like the >> approach, feel free to star the repo to help with visibility! >> >> Looking forward to your thoughts and feedback. >> >> Best regards, >> >> Simon Bressier >> >> https://www.linkedin.com/in/simon-bressier/
